Options
Studying for 501 and this question has got me stumped - tunelling with MAC visible over the net
eurotechie
Member Posts: 2 ■□□□□□□□□□
in Security+
Hi,
I can't figure out the answer to the question below. Could someone please advise:
I can't figure out the answer to the question below. Could someone please advise:
A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC address to be visible across the tunnel?
A.Tunnel mode IPSec
B.Transport mode VPN IPSec
C.L2TP
D.SSL VPN
B.Transport mode VPN IPSec
C.L2TP
D.SSL VPN
Answer: D
I'm thinking the answer should B, but I'm not sure. SSL VPN just sounds too vague. Some advice would be appreciated...
I'm thinking the answer should B, but I'm not sure. SSL VPN just sounds too vague. Some advice would be appreciated...
Comments
-
Options
yoba222
Member Posts: 1,237 ■■■■■■■■□□
I didn't even know you could do that. All my MAC address scanning tools seem useless whenever I'm VPNed into a network and I just assumed it was not possible. Curious to know the answer.A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
Optionsdeadjoe
Member Posts: 24 ■■■□□□□□□□
All four can use certs for auth. A and C use Layer 3 routing. B is host-to-host not site-to-site.
OpenVPN is an example of an SSL VPN that can do Layer 2 bridging site-to-site.
I don't like this question though. It's too difficult for Security+.